Stack Overflow
Stack Overflow

Questions tagged [decompiling]

Decompilers analyze binary code outputting source code in a higher level language such as C. The output is generally not any easier to analyze than the original assembler due to loss of information during compilation.

The concept of a decompiler seems simple to most people. A compiled binary was created from source code, so the operation seems like it should be reversible. However, there are some challenges that a decompiler faces:

  • Decomposing assembler to a basic block.
  • Lose of information during compilation.

Decomposing Basic blocks

Hand crafted assembler may confound analysis into a basic block, which will prohibit the creation of a control flow graph. For example, hand crafted assembler is not bound to follow a function prologue and epilogue. Assembler may make use of instructions that do not map to a higher level language. It may use self-modifying code and multiple entry points (even mid-instruction) for legitimate purposes or to foil reverse engineering. Aggressive compiler optimization may produce the same effects under some cases.

Loss of information

Comment and variable names are obviously lost information in the decompilation process. As well, compilers aggressively optimize code; a key part being to keep high level variable in registers. Because of this, a register maybe re-used for many different high level variable. This may result in the decompiled code have a different amount of variables and control structure from the original code. Also, different compilers (or even different optimization levels) generate different code for the same source code. Ie, the source to machine mapping is compiler dependent. Without hints to the decompiler, it cannot generically re-generate the same source. Often the decompiled code will resemble obfuscated code.

Cristina Cifuentes's research paper from Queensland University of Technology give more technical details of a decompiler. The Boomerang project is an example of an Open Source decompiler.

Some general uses of a decompiler:

  • Retargetting code to a different instruction set.
  • Analyzing a binary for security issue.
  • Patching code for an operating system update.

Due to the loss of information, decompiled code may not assist in understanding assembler code. It certainly can not produce the original source code. Examining decompiled code can give an appreciation of good variable naming.

See also:

1056 questions
0
votes
1 answer

YourKit Profiling and Line Numbers

I am using the YourKit Java profiler to find CPU hogging spots in some Java code. I do not have the original source code for the Java classes, so I have been decompiling it to see what needs to be fixed. The line numbers on decompiled code (using…
Sameer Puri
  • 987
  • 8
  • 20
0
votes
1 answer

Java Imports, Assembly (Krakatau), and Source Code

So here's my situation: I am running a Java Client/Server architecture that has high CPU usage and I'm trying to reduce the lag time on the main "server" thread. I have been profiling the server with YourKit to identify the CPU-hogging code. The…
Sameer Puri
  • 987
  • 8
  • 20
0
votes
2 answers

how to decompile multiple JAR files

I need to decompile about 1000 jar files. Single jar files can open with JD-GUI, but I read help (JD-GUI) and don't understand how can write script for decompiling multiple JAR files.
Aram Mak
  • 103
  • 1
  • 4
  • 13
0
votes
1 answer

How can I find which java class reads a particular xml file?

I'm workin on a java application for which i don't have all the source codes. The application is based on spring framework, and at startup it parses lots of xml files from different directories. Then it makes an internal cache of the given xml…
Szilard
  • 73
  • 2
  • 6
0
votes
1 answer

How to recover the C++ try/throw/catch block length and address from machine code?

I'm doing a project that reorders basic blocks inside a function at runtime in C++ under 64-bit Linux. Of course, the reordering process includes updating instructions like "jmp", etc. One problem is that if (I guess) the compiler (clang++ or g++)…
WindChaser
  • 960
  • 1
  • 10
  • 30
0
votes
2 answers

How is named values for Tuple implemented in swift?

In swift, we can use tuple like this in the repl: 34> let person:(name:String,age:Int)=("Hello",23) person: (name: String, age: Int) = { name = "Hello" age = 23 } 35> person.name $R13: String = "Hello" 36> person.age $R14: Int = 23 I have…
Cui Pengfei 崔鹏飞
  • 8,017
  • 6
  • 46
  • 87
0
votes
0 answers

How to decompiling Java APK file

I have a apk file that I want to decompile.I tried Smali2Java , and apktool but when I check the decompiled files, all of them contain only the definitions of the variables and functions. For example : import…
Hasan Shouman
  • 2,162
  • 1
  • 20
  • 26
0
votes
1 answer

Choosing .NET version when injecting code with Reflexil

I have a .NET dll file with no source code that was compiled with .NET 2.0. Needed to add a few fields to this dll so I used Reflexil (in conjuction with JustDecompile). I used the inject field option with Reflexil. When I saved and reloaded, I…
Cerealkiller050
  • 53
  • 1
  • 8
0
votes
1 answer

Unreachable statement from the Decompiler output

I decompiled an APK file, then tried to compile it and received an "Unreachable statement" compiler error, I want to know is it a obfuscator trick, or decompiler failure? How is it possible? Used dex2jar and Java Decompiler And here is the…
mes
  • 3,581
  • 29
  • 28
0
votes
1 answer

Lazy loading procedure

I would like to know how does it work precisely. Let's say we have the following code snippets: 0000000000400400 : 400400: ff 35 02 0c 20 00 pushq 0x200c02(%rip) # 601008 <_GLOBAL_OFFSET_TABLE_+0x8> 400406: …
badnack
  • 737
  • 1
  • 11
  • 20
0
votes
2 answers

Extract/Decompile source files from exe

There is a client specific solution that we cannot find the source code for, but we do have the .exe file. Is it possible to use .Net Reflector to extract this into a buildable solution within Visual Studio? At the moment I can retrieve some of the…
user1269016
0
votes
1 answer

Get all external source paths that a JAR uses

I have a problem with finding all the external libraries that a .jar file uses. My .jar file is very big, and manually decompiling it and going through every class, checking all the used paths is impossible. I wonder if there is a way or a tool that…
Victor2748
  • 4,149
  • 13
  • 52
  • 89
0
votes
1 answer

converting .class into .java

I deleted a Java project from my hard disk in an attempt to do some refactoring with Eclipse. Luckily I found a recent version of an Executable Jar File and decrompressed it into a bunch of .class files. I've read some 'decompiling' threads on SO…
user2651804
  • 1,464
  • 4
  • 22
  • 45
0
votes
1 answer

How can I change all .class files in a jar(or folder) to .java (or .txt) at once?

I have always used this to decompile any .class file to readable format. However, now I need to change around 30-40 .class files to readable format to push to my github. How may I change all the .class files to readable (.java or .txt) at once?
HackCode
  • 1,837
  • 6
  • 35
  • 66
0
votes
1 answer

Java decompiler is not giving full source code

I have tried to decompile .class file with JD. BUt i got Strange code in it(Static call to a non static method, Classname.this.method etc.) . Could you please tell me whether it will give 100 percent source code or not?
Raj Pannala
  • 67
  • 1
  • 9
1 2 3
70 71